The Value of Documented Cybersecurity

Leveraging Proactive Documentation as a Cost-effective Solution

The latter half of this past decade saw a record number of cybersecurity failures. The biggest breaches had headline-grabbing impacts and heavy financial costs. In 2017, The Equifax hack exposed the personal information of 143 million consumers, and Equifax itself lost $4 billion in stock market value by that September. The WannaCry ransomware attack created $4 billion of damage to business operations in over 100 countries. The Petya / NotPetya ransomware attack that closely followed WannaCry had dire effects on the operations of FedEx and Maersk and a total estimated cost of $300 million.

This was the emergence of a new era, and the trend continued unabated. In 2018, Marriott announced 500 million travelers had their data compromised, and the city of Atlanta was struck by a crippling ransomware attack. In 2019, a Quest Diagnostics breach exposed 11.9 million patients’ medical and financial data, leading to the bankruptcy of the American Medical Collection Agency (the contractor found to be at fault). In 2020, even after their 2018 compromise, Marriott announced another breach of 5 million users’ personal information. These are just a few examples.

ABOUT THE AUTHORS

Steven Nyikos, CISSP, is a Senior Consultant within DayBlink’s Cybersecurity Center of Excellence

Michael Morgenstern is a Partner and Practice Lead of DayBlink’s Cybersecurity Center of Excellence and is based in Boston, Massachusetts